Start off by getting a 500mbps+ network dedi for your server. Personally wouldn't go below that if you're expecting the server to reach hundreds of players. Limit connections per IP, limit requests per file group. Block off invalid cache indexes (as of revision 178, there's only one - index 16, previous world map). The latter is a huge worrying point - you don't really want to release your server with a cache from before that. A single group in index 16 is over ten megabytes. That is such a weak point that anyone could take the JS5 down relatively easily by targeting that specific group. All it requires is for you to send a request that's a couple bytes, and the server is forced to reply to that with the aforementioned ten megabytes. With enough proxies, you can always take it down, even if the dedi has 10gbps network.
As long as index 16 isn't in the picture anymore, everything becomes a lot more clear. The biggest group then is one of the models, with just tens of kilobytes if I recall correctly. That is significantly harder to abuse to bring the whole network down.
It is also important to spread out the JS5 requests: don't send the whole cache to a single user all at once, throttle it so everyone gets the cache at relatively the same speed. The way I did it iirc was by only processing 100-200 requests per 100ms per IP.
I highly suggest anyone who plans on releasing their server to get another dedi/vps; this one only needs good networking, nothing else. Disable most of your security on your game server, anything extra you got, get rid of it. Then attack your server with the newly bought dedi in the worst way you can think of. If you're the one who added all the JS5 restrictions, you're the one who knows how to best attack the JS5, where each limit sits at. You're then able to optimize your flooding to the absolute worst. Attack your own server; if it can withstand that without issues, you shouldn't need to worry about it anymore.
I don't remember exactly what precautions I added on Zenyte for the JS5 there, however I do know that no one has ever breached it or managed to take it down. The JS5 there is on the same dedi as the game itself. It managed to feed the cache to hundreds of players fast enough to where over four hundred were online in just a couple minutes. I personally did all the math to figure out the worst-case scenario, how much bandwidth we would need to not have to worry about anything, and then I doubled that just to be safe.
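
The limits described in this post (refusing index 16, capping what one IP can queue, and releasing a fixed number of requests per 100 ms per IP), as an added Java example that is not part of the original post or Zenyte's code. The class name, the 150-per-tick budget picked from the 100-200 range, the 1,000-request backlog cap and the sample addresses are assumptions.

```java
import java.util.ArrayDeque;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Queue;
import java.util.Set;

/** Added example: per-IP JS5 request gate. All names and limits are assumptions. */
public final class Js5Throttle {
    record Request(String ip, int index, int group) {}

    private static final Set<Integer> BLOCKED_INDEXES = Set.of(16); // old world map index named in the post
    private static final int PER_TICK_PER_IP = 150;     // post: 100-200 requests per 100 ms per IP
    private static final int MAX_QUEUED_PER_IP = 1_000; // assumed backlog cap per address

    private final Map<String, Queue<Request>> pending = new HashMap<>();

    /** Returns false when the request is refused; the caller should then close the connection. */
    public synchronized boolean offer(Request r) {
        if (BLOCKED_INDEXES.contains(r.index())) return false; // never read the group from disk
        Queue<Request> q = pending.computeIfAbsent(r.ip(), k -> new ArrayDeque<>());
        if (q.size() >= MAX_QUEUED_PER_IP) return false;       // backlog would grow without bound
        return q.add(r);
    }

    /** Call every 100 ms: releases at most PER_TICK_PER_IP requests per address. */
    public synchronized List<Request> drainTick() {
        List<Request> ready = new ArrayList<>();
        var it = pending.values().iterator();
        while (it.hasNext()) {
            Queue<Request> q = it.next();
            for (int i = 0; i < PER_TICK_PER_IP && !q.isEmpty(); i++) ready.add(q.poll());
            if (q.isEmpty()) it.remove(); // keep no state for idle addresses
        }
        return ready;
    }

    public static void main(String[] args) {
        Js5Throttle t = new Js5Throttle();
        // Constructed traffic: one address queues 400 groups, another asks for index 16.
        for (int g = 0; g < 400; g++) t.offer(new Request("203.0.113.5", 7, g));
        System.out.println("index 16 accepted: " + t.offer(new Request("203.0.113.9", 16, 0)));
        for (int tick = 1; tick <= 3; tick++)
            System.out.println("tick " + tick + " served " + t.drainTick().size());
    }
}
```

Because every address gets the same per-tick budget, a client that queues the whole cache at once is served at the same pace as everyone else instead of starving them.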